diff --git a/chaoscenter/authentication/pkg/utils/sanitizers.go b/chaoscenter/authentication/pkg/utils/sanitizers.go
index df9c4d936a0..817ec4684a9 100644
--- a/chaoscenter/authentication/pkg/utils/sanitizers.go
+++ b/chaoscenter/authentication/pkg/utils/sanitizers.go
@@ -16,7 +16,7 @@ func SanitizeString(input string) string {
 /*
 ValidateStrictPassword represents and checks for the following patterns:
 - Input is at least 8 characters long and at most 16 characters long
-- Input contains at least one special character of these @$!%*?_&
+- Input contains at least one special character of these @$!%*?_&#
 - Input contains at least one digit
 - Input contains at least one uppercase alphabet
 - Input contains at least one lowercase alphabet
@@ -33,7 +33,7 @@ func ValidateStrictPassword(input string) error {
 	digits := `[0-9]{1}`
 	lowerAlphabets := `[a-z]{1}`
 	capitalAlphabets := `[A-Z]{1}`
-	specialCharacters := `[@$!%*?_&]{1}`
+	specialCharacters := `[@$!%*?_&#]{1}`
 	if b, err := regexp.MatchString(digits, input); !b || err != nil {
 		return fmt.Errorf("password does not contain digits")
 	}
diff --git a/chaoscenter/web/src/constants/validation.ts b/chaoscenter/web/src/constants/validation.ts
index 39d68029c28..a03d51e26f5 100644
--- a/chaoscenter/web/src/constants/validation.ts
+++ b/chaoscenter/web/src/constants/validation.ts
@@ -6,7 +6,7 @@ export const USERNAME_REGEX = /^[a-zA-Z][a-zA-Z0-9_-]{2,15}$/;
 //  ^(?=.*[a-z])       # At least one lowercase letter
 //  (?=.*[A-Z])        # At least one uppercase letter
 //  (?=.*\d)           # At least one digit
-//  (?=.*[@$!%*?_&])   # At least one special character @$!%*?_&
-//  [A-Za-z\d@$!%*?_&] # Allowed characters: letters, digits, special characters @$!%*?_&
+//  (?=.*[@$!%*?_&#])   # At least one special character @$!%*?_&#
+//  [A-Za-z\d@$!%*?_&#] # Allowed characters: letters, digits, special characters @$!%*?_&#
 //  {8,16}$            # Length between 8 to 16 characters
-export const PASSWORD_REGEX = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?_&])[A-Za-z\d@$!%*?_&]{8,16}$/;
+export const PASSWORD_REGEX = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?_&#])[A-Za-z\d@$!%*?_&#]{8,16}$/;